#Threat-intelligence
Showing 60 of 277 repositories tagged #threat-intelligence, ranked by stars
817 structured cybersecurity skills for AI agents · Mapped to 6 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, NIST AI RMF & MITRE F3 (Fight Fraud) · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 29 security domains · Apache 2.0
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Defund the Police.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
The recursive internet scanner for hackers. 🧡
Open Cyber Threat Intelligence Platform
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
The FLARE team's open-source tool to identify capabilities in executable files.
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
IntelOwl: manage your Threat Intelligence at scale
📡 Comprehensive collection of OSINT tools for cybersecurity professionals, researchers, and bug bounty hunters. Topics: information gathering, reverse search, red team, trust & safety, AI.
Real-time HTTP Intrusion Detection
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
🕵️♂️ (2-in-1) Email & Username OSINT suite for deep data extraction. Analyzes 290+ scan vectors (105+ email / 185+ username) for security research, investigations, and digital footprinting.
Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.
A browser extension for OSINT search
Awesome Security lists for SOC/CERT/CTI
Asset inventory of over 800 public bug bounty programs.
Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.
A resource containing all the tools each ransomware gangs uses
ThePhish: an automated phishing email analysis tool
Free educational content on reverse engineering and malware analysis from the FLARE team
Watcher - Open Source AI-powered Cyber Threat Intelligence & Hunting Platform. Developed with Django & React JS.
Real-time phishing & scam domain blocklist — 170k+ curated threats, 888K+ community, free API, multiple formats
🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.
Malcom - Malware Communications Analyzer
A curated list of annual cyber security reports
Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more.
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
Repositório criado com intuito de reunir expressões regulares dentro do contexto Brasil
The Correlated CVE Vulnerability And Threat Intelligence Database API
AI-powered OSINT agent with interactive REPL, MCP server, and CLI. 16 tools. Works with Claude, GPT-4, or local models. For authorized security research only.
Extract and aggregate threat intelligence.
Open source platform for cyber security analysts with many features for threat intelligence and detection engineering.
A collection of resources for Threat Hunters
This Repository is a collection of different ethical hacking tools and malware's for penetration testing and research purpose written in python, ruby, rust, c++, go and c.
Live Feed of C2 servers, tools, and botnets
Collection of knowledge about information security
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
The Big Brother V5.0 is a weaponized OSINT platform featuring username enumeration (473+ platforms), quad-vector visual intelligence, Sky Radar tracking, crypto wallet analysis, SSL intelligence, digital footprint reconstruction, EXIF extraction, advanced dorking, and network reconnaissance.
Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Clusters and elements to attach to MISP events or attributes (like threat actors)
Malware Sample Sources
A large repository of malware samples with 2500+ malware samples & source codes for a variety of platforms by Cryptware Apps.
Comprehensive 2026 OSINT guide — 450+ tools, AI intelligence, methodologies & ethics across 35 sections for investigation & threat intel.
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
OpenCTI Connectors
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
A curated list of Awesome Threat Intelligence Blogs
Extracted Yara rules from Windows Defender mpavbase and mpasbase
Free educational courses in cybersecurity, reverse engineering, malware analysis, and programming designed to expand access, build practical skills, and support the next generation of cyber defenders.
Threat Intel IoCs + bits and pieces of dark matter. Published by Gen Threat Labs.
:wolf: Malware analysis platform
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
Lyrie.ai — The world's first autonomous AI cybersecurity agent. Built by OTT Cybersecurity LLC.
Bringing you the best of the worst files on the Internet.
The OSINT Omnibus (beta release)
CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taking, automated data linking, interactive visualizations, and robust access control. Enhance your CTI workflow from analysis to reporting—all in one secure space.